UK Biobank chief says he is angry over participant identification incident

UK Biobank’s chief executive, Professor Sir Rory Collins, said he was “angry” and “upset” over a participant identification incident that went to the core of the project’s promise to volunteers. The research resource, set up in November 2003, was built on the health, lifestyle and genetic data of 500,000 participants and has become one of Britain’s most important biomedical datasets.

Collins, appointed principal investigator and chief executive in 2005, is both the project’s public steward and one of its participants. That makes the episode especially sensitive, because UK Biobank’s value depends on the trust of people who agreed to share intimate medical information for long-term research, on the understanding that it would be handled under strict controls.

UK Biobank says more than 20,000 scientists around the world have been approved to use its de-identified data, a scale that underscores both the scientific reach and the governance challenge. The more widely a dataset is used, the more important the safeguards become around access, audit trails and the possibility of re-identification. In its own messaging to participants, the organisation said there was “no evidence” that any participant had been unwillingly identified and that “there has not been any hack or data breach of UK Biobank.”

That distinction matters. The immediate question is not simply whether one person or one group crossed a line, but whether the system’s controls are strong enough for a national research resource of this size. UK Biobank has said it previously investigated allegations of misuse and found no evidence of inappropriate access in those cases, reinforcing its position that the project’s existing governance is meant to detect and contain abuse.

The incident also lands at a moment when the database’s research potential continues to grow. UK Biobank has said access to de-identified GP data for all 500,000 volunteers would transform the database’s usefulness overnight. That makes consent and privacy even more important, because each new layer of data increases the scientific value of the resource while also raising the stakes for trust.

For UK Biobank, the central test is whether this episode represents a rare lapse or a warning about the pressures faced by large-scale medical research. With backing from institutions including Wellcome, the Medical Research Council, the Department of Health and Social Care and the Scottish Government, the project has long been presented as a model of public-benefit science. Its next challenge is proving that the model can still protect the people who made it possible.